addressed review comments

This commit is contained in:
Hideki Miyazaki
2023-04-27 15:13:38 +09:00
parent 4fd629d4e7
commit a2776ad35e
9 changed files with 247 additions and 170 deletions

View File

@ -135,7 +135,7 @@ void Clr_CallbackCtx(User_SCEPKCbInfo *g)
NULL, DYNAMIC_TYPE_TMP_BUFFER); NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (g->sce_wrapped_key_aes128 != NULL) if (g->sce_wrapped_key_aes128 != NULL)
XFREE(g->sce_wrapped_key_aes256, XFREE(g->sce_wrapped_key_aes128,
NULL, DYNAMIC_TYPE_TMP_BUFFER); NULL, DYNAMIC_TYPE_TMP_BUFFER);
#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
@ -220,6 +220,8 @@ void sce_test(void)
printf("wolfCrypt_Cleanup failed %d\n", ret); printf("wolfCrypt_Cleanup failed %d\n", ret);
} }
Clr_CallbackCtx(&guser_PKCbInfo);
#elif defined(BENCHMARK) && \ #elif defined(BENCHMARK) && \
(defined(WOLFSSL_RENESAS_SCEPROTECT) || \ (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY))
@ -253,7 +255,7 @@ void sce_test(void)
(uint32_t *)DIRECT_KEY_ADDRESS_256, (uint32_t *)DIRECT_KEY_ADDRESS_256,
HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4); HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4);
p1->type = SCE_KEY_INDEX_TYPE_AES256; p1->type = SCE_KEY_INDEX_TYPE_AES256;
guser_PKCbInfo.flags2.bits.aes256_installedkey_set = 1; guser_PKCbInfo.keyflgs_crypt.bits.aes256_installedkey_set = 1;
/* aes 128 */ /* aes 128 */
memcpy(p2->value, memcpy(p2->value,
@ -261,13 +263,16 @@ void sce_test(void)
HW_SCE_AES128_KEY_INDEX_WORD_SIZE*4); HW_SCE_AES128_KEY_INDEX_WORD_SIZE*4);
p2->type = SCE_KEY_INDEX_TYPE_AES128; p2->type = SCE_KEY_INDEX_TYPE_AES128;
guser_PKCbInfo.flags2.bits.aes128_installedkey_set = 1; guser_PKCbInfo.keyflgs_crypt.bits.aes128_installedkey_set = 1;
} }
#endif #endif
printf("Start wolfCrypt Benchmark\n"); printf("Start wolfCrypt Benchmark\n");
benchmark_test(NULL); benchmark_test(NULL);
printf("End wolfCrypt Benchmark\n"); printf("End wolfCrypt Benchmark\n");
/* free */
Clr_CallbackCtx(&guser_PKCbInfo);
#elif defined(TLS_CLIENT) #elif defined(TLS_CLIENT)
#include "hal_data.h" #include "hal_data.h"
#include "r_sce.h" #include "r_sce.h"

View File

@ -386,7 +386,7 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
goto out; goto out;
} else { } else {
userContext.sce_wrapped_key_aes256 = (void*)aes256_key; userContext.sce_wrapped_key_aes256 = (void*)aes256_key;
userContext.flags2.bits.aes256_installedkey_set = 1; userContext.keyflgs_crypt.bits.aes256_installedkey_set = 1;
enc->ctx.keySize = (word32)enc->keylen; enc->ctx.keySize = (word32)enc->keylen;
} }
@ -582,7 +582,7 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
goto out; goto out;
} else { } else {
userContext.sce_wrapped_key_aes128 = aes128_key; userContext.sce_wrapped_key_aes128 = aes128_key;
userContext.flags2.bits.aes128_installedkey_set = 1; userContext.keyflgs_crypt.bits.aes128_installedkey_set = 1;
enc->ctx.keySize = (word32)enc->keylen; enc->ctx.keySize = (word32)enc->keylen;
} }
/* AES-GCM encrypt and decrypt both use AES encrypt internally */ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
@ -656,11 +656,15 @@ static int sce_rsa_test(int prnt, int keySize)
const char inStr2[] = TEST_STRING2; const char inStr2[] = TEST_STRING2;
const word32 inLen = (word32)TEST_STRING_SZ; const word32 inLen = (word32)TEST_STRING_SZ;
const word32 outSz = RSA_TEST_BYTES; const word32 outSz = RSA_TEST_BYTES;
byte *in = NULL;
byte *in2 = NULL;
byte *out= NULL;
byte *out2 = NULL;
byte *in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
byte *in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
byte *out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
byte *out2 = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); out2 = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL || in == NULL || out == NULL || if (key == NULL || in == NULL || out == NULL ||
in2 == NULL || out2 == NULL) { in2 == NULL || out2 == NULL) {
@ -682,8 +686,11 @@ static int sce_rsa_test(int prnt, int keySize)
if ((ret = wc_InitRng(&rng)) != 0) if ((ret = wc_InitRng(&rng)) != 0)
goto out; goto out;
/* make ras key by SCE */ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
goto out;
/* make rsa key by SCE */
if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) { if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
goto out; goto out;
} }
@ -694,7 +701,7 @@ static int sce_rsa_test(int prnt, int keySize)
} }
ret = wc_RsaPrivateDecrypt(out, keySize/8, out2, outSz, key); ret = wc_RsaPrivateDecrypt(out, keySize/8, out2, outSz, key);
if (ret != 0) { if (ret < 0) {
ret = -1; ret = -1;
goto out; goto out;
} }
@ -703,6 +710,7 @@ static int sce_rsa_test(int prnt, int keySize)
goto out; goto out;
} }
ret = 0;
out: out:
if (key != NULL) { if (key != NULL) {
wc_FreeRsaKey(key); wc_FreeRsaKey(key);
@ -735,10 +743,14 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
const word32 inLen = (word32)TEST_STRING_SZ; const word32 inLen = (word32)TEST_STRING_SZ;
const word32 outSz = RSA_TEST_BYTES; const word32 outSz = RSA_TEST_BYTES;
byte *in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); byte *in = NULL;
byte *in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); byte *in2 = NULL;
byte *out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); byte *out= NULL;
in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
(void) prnt; (void) prnt;
if (key == NULL || in == NULL || out == NULL) { if (key == NULL || in == NULL || out == NULL) {
@ -759,12 +771,15 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
if ((ret = wc_InitRng(&rng)) != 0) if ((ret = wc_InitRng(&rng)) != 0)
goto out; goto out;
/* make ras key by SCE */ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
goto out;
/* make rsa key by SCE */
if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) { if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
goto out; goto out;
} }
guser_PKCbInfo.flags2.bits.message_type = 0; guser_PKCbInfo.keyflgs_crypt.bits.message_type = 0;
ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng); ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
if (ret < 0) { if (ret < 0) {
goto out; goto out;
@ -778,11 +793,11 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
} }
/* this should succeed */ /* this should succeed */
ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key); ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key);
if (ret != 0) { if (ret < 0) {
ret = -1; ret = -1;
goto out; goto out;
} }
ret = 0;
out: out:
if (key != NULL) { if (key != NULL) {
wc_FreeRsaKey(key); wc_FreeRsaKey(key);
@ -833,11 +848,26 @@ int sce_crypt_test()
if ( ret > 0) if ( ret > 0)
ret = 0; ret = 0;
if (ret == 0) {
printf(" sce_rsa_test(512)(this will be done"
" by SW because SCE doesn't support 512 bits key size.)");
ret = sce_rsa_test(1, 512);
RESULT_STR(ret)
}
if (ret == 0) { if (ret == 0) {
printf(" sce_rsa_test(1024)"); printf(" sce_rsa_test(1024)");
ret = sce_rsa_test(1, 1024); ret = sce_rsa_test(1, 1024);
RESULT_STR(ret) RESULT_STR(ret)
} }
if (ret == 0) {
printf(" sce_rsa_SignVerify_test(512)(this will be done"
" by SW because SCE doesn't support 512 bits key size.)");
ret = sce_rsa_SignVerify_test(1, 512);
RESULT_STR(ret)
}
if (ret == 0) { if (ret == 0) {
printf(" sce_rsa_SignVerify_test(1024)"); printf(" sce_rsa_SignVerify_test(1024)");
ret = sce_rsa_SignVerify_test(1, 1024); ret = sce_rsa_SignVerify_test(1, 1024);

View File

@ -21,7 +21,7 @@
#include <wolfssl/wolfcrypt/settings.h> #include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_RENESAS_SCEPROTECT) #if defined(WOLFSSL_RENESAS_SCEPROTECT) \
|| defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) \ || defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) \
|| defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
@ -235,13 +235,13 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
if (info->cipher.type == WC_CIPHER_AES_GCM) { if (info->cipher.type == WC_CIPHER_AES_GCM) {
if (info->cipher.enc && if (info->cipher.enc &&
(cbInfo->flags1.bits.session_key_set == 1 || (cbInfo->keyflgs_tls.bits.session_key_set == 1 ||
(cbInfo->flags2.bits.aes256_installedkey_set == 1 && (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 32) || info->cipher.aesgcm_enc.aes->keylen == 32) ||
(cbInfo->flags2.bits.aes128_installedkey_set == 1 && (cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 16))) { info->cipher.aesgcm_enc.aes->keylen == 16))) {
if (cbInfo->flags2.bits.aes256_installedkey_set == 1 && if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 32) { info->cipher.aesgcm_enc.aes->keylen == 32) {
XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
@ -250,7 +250,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aesgcm_enc.aes->ctx.keySize = 32; info->cipher.aesgcm_enc.aes->ctx.keySize = 32;
} }
else if (cbInfo->flags2.bits.aes128_installedkey_set == 1 && else if (
cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 16) { info->cipher.aesgcm_enc.aes->keylen == 16) {
XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
@ -273,13 +274,13 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(void*)ctx); (void*)ctx);
} }
else if (cbInfo->flags1.bits.session_key_set == 1 || else if (cbInfo->keyflgs_tls.bits.session_key_set == 1 ||
(cbInfo->flags2.bits.aes256_installedkey_set == 1 && (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 32) || info->cipher.aesgcm_dec.aes->keylen == 32) ||
(cbInfo->flags2.bits.aes128_installedkey_set == 1 && (cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 16)) { info->cipher.aesgcm_dec.aes->keylen == 16)) {
if (cbInfo->flags2.bits.aes256_installedkey_set == 1 && if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 32) { info->cipher.aesgcm_dec.aes->keylen == 32) {
XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
@ -288,7 +289,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aesgcm_dec.aes->ctx.keySize = 32; info->cipher.aesgcm_dec.aes->ctx.keySize = 32;
} }
else if (cbInfo->flags2.bits.aes128_installedkey_set == 1 && else if (
cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 16) { info->cipher.aesgcm_dec.aes->keylen == 16) {
XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
@ -314,23 +316,25 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AESGCM */ #endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC #ifdef HAVE_AES_CBC
if ((info->cipher.type == WC_CIPHER_AES_CBC) && if ((info->cipher.type == WC_CIPHER_AES_CBC) &&
(cbInfo->flags1.bits.session_key_set == 1 || (cbInfo->keyflgs_tls.bits.session_key_set == 1 ||
(cbInfo->flags2.bits.aes256_installedkey_set == 1 && (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) || info->cipher.aescbc.aes->keylen == 32) ||
(cbInfo->flags2.bits.aes128_installedkey_set == 1 && (cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 16))) { info->cipher.aescbc.aes->keylen == 16))) {
if (info->cipher.enc) { if (info->cipher.enc) {
if (cbInfo->flags2.bits.aes256_installedkey_set == 1 && if (
info->cipher.aescbc.aes->keylen == 32) { cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes256, &cbInfo->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t)); sizeof(sce_aes_wrapped_key_t));
info->cipher.aescbc.aes->ctx.keySize = 32; info->cipher.aescbc.aes->ctx.keySize = 32;
} }
else if (cbInfo->flags2.bits.aes128_installedkey_set == 1 && else if (
info->cipher.aescbc.aes->keylen == 16) { cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
&& info->cipher.aescbc.aes->keylen == 16) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes128, &cbInfo->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t)); sizeof(sce_aes_wrapped_key_t));
@ -344,15 +348,16 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aescbc.sz); info->cipher.aescbc.sz);
} }
else { else {
if (cbInfo->flags2.bits.aes256_installedkey_set == 1 && if (
info->cipher.aescbc.aes->keylen == 32) { cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes256, &cbInfo->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t)); sizeof(sce_aes_wrapped_key_t));
info->cipher.aescbc.aes->ctx.keySize = 32; info->cipher.aescbc.aes->ctx.keySize = 32;
} else if (
} else if (cbInfo->flags2.bits.aes128_installedkey_set cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
== 1 && info->cipher.aescbc.aes->keylen == 16) { && info->cipher.aescbc.aes->keylen == 16) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key, XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes128, &cbInfo->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t)); sizeof(sce_aes_wrapped_key_t));
@ -373,40 +378,63 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
else if (info->algo_type == WC_ALGO_TYPE_PK) { else if (info->algo_type == WC_ALGO_TYPE_PK) {
#if !defined(NO_RSA) #if !defined(NO_RSA)
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN) { #if defined(WOLFSSL_KEY_GEN)
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
(info->pk.rsakg.size == 1024 ||
info->pk.rsakg.size == 2048)) {
ret = wc_sce_MakeRsaKey(info->pk.rsakg.size, (void*)ctx); ret = wc_sce_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
} }
#endif
if (info->pk.type == WC_PK_TYPE_RSA) { if (info->pk.type == WC_PK_TYPE_RSA) {
if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT || /* to perform RSA on SCE, wrapped keys should be installed
info->pk.rsa.type == RSA_PUBLIC_ENCRYPT ) * in advance. SCE supports 1024 or 2048 bits key size.
{ * otherwise, falls-through happens.
ret = wc_sce_RsaFunction(info->pk.rsa.in, */
info->pk.rsa.inLen, if (cbInfo->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1
info->pk.rsa.out, ||
info->pk.rsa.outLen, cbInfo->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1
info->pk.rsa.type, ||
info->pk.rsa.key, cbInfo->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1
info->pk.rsa.rng, ||
(void*)ctx); cbInfo->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1
) {
if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT ||
info->pk.rsa.type == RSA_PUBLIC_ENCRYPT )
{
ret = wc_sce_RsaFunction(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.type,
info->pk.rsa.key,
info->pk.rsa.rng,
(void*)ctx);
}
else if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT /* sign */){
ret = wc_sce_RsaSign(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.key,
(void*)ctx);
}
else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
ret = wc_sce_RsaVerify(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.key,
(void*)ctx);
}
} }
else if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT /* sign */){ else {
ret = wc_sce_RsaSign(info->pk.rsa.in, WOLFSSL_MSG(
info->pk.rsa.inLen, "SCE can handle 1024 or 2048 bit key size. "
info->pk.rsa.out, "key size is not either 1024 or 2048. "
info->pk.rsa.outLen, "Or wrapped key is not installed. "
info->pk.rsa.key, "RSA operation falls through to SW operation.");
(void*)ctx);
} }
else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
ret = wc_sce_RsaVerify(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.key,
(void*)ctx);
}
} }
#endif /* NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */ #endif /* NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
} }
@ -468,7 +496,7 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
#else #else
) { ) {
#endif #endif
printf("invaid devid\n"); printf("Invalid devId\n");
return INVALID_DEVID; return INVALID_DEVID;
} }
/* need exclusive control because of static variable */ /* need exclusive control because of static variable */
@ -488,9 +516,11 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
return INVALID_DEVID; return INVALID_DEVID;
} }
#if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
!defined(HAVE_RENESAS_SYNC)
if (ssl) if (ssl)
wolfSSL_SetDevId(ssl, cbInfo->devId); wolfSSL_SetDevId(ssl, cbInfo->devId);
#endif
/* sanity check for overflow */ /* sanity check for overflow */
if (gdevId < 0) { if (gdevId < 0) {
gdevId = 7890; gdevId = 7890;
@ -651,8 +681,9 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
* cm_row CA index * cm_row CA index
* return FSP_SUCCESS(0) on success, otherwise WOLFSSL_FATAL_ERROR * return FSP_SUCCESS(0) on success, otherwise WOLFSSL_FATAL_ERROR
*/ */
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, word32 key_n_start, int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
word32 key_n_len, word32 key_e_start, word32 key_e_len, word32 cm_row) word32 key_n_start, word32 key_n_len, word32 key_e_start,
word32 key_e_len, word32 cm_row)
{ {
int ret; int ret;
@ -721,7 +752,8 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
/* Renesas Security Library Common Callback /* Renesas Security Library Common Callback
* Callback for setting Encrypt Keys. * Callback for setting Encrypt Keys.
* Register callback for setting Encrypt Keys when keys are generated by SCE/TSIP * Register callback for setting Encrypt Keys when keys are generated
* by SCE/TSIP
* *
* ssl the WOLFSSL object * ssl the WOLFSSL object
* ctx Callback context * ctx Callback context
@ -745,7 +777,7 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx)
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx; User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
if (cbInfo->flags1.bits.session_key_set == 1) { if (cbInfo->keyflgs_tls.bits.session_key_set == 1) {
#endif #endif
ret = 0; ret = 0;

View File

@ -155,7 +155,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
#if defined(WOLFSSL_RENESAS_SCEPROTECT) #if defined(WOLFSSL_RENESAS_SCEPROTECT)
if (ret == 0 && if (ret == 0 &&
info->flags1.bits.session_key_set == 1) { info->keyflgs_tls.bits.session_key_set == 1) {
/* generate AES-GCM session key. The key stored in /* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here. * Aes.ctx.tsip_keyIdx is not used here.
*/ */
@ -176,28 +176,29 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
} }
} }
else else {
#else #else
if (ret == 0) if (ret == 0) {
#endif #endif
if (info->flags2.bits.aes256_installedkey_set == 1 || if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
info->flags2.bits.aes128_installedkey_set == 1) { info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
if (aes->ctx.keySize == 32) { if (aes->ctx.keySize == 32) {
XMEMCPY(&key_client_aes, XMEMCPY(&key_client_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256, (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t)); sizeof(sce_aes_wrapped_key_t));
}
else {
XMEMCPY(&key_client_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
}
iv_l = iv;
ivSz_l = ivSz;
} }
else { else {
XMEMCPY(&key_client_aes, WOLFSSL_MSG("AES key for SCE is not set.");
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128, ret = -1;
sizeof(sce_aes_wrapped_key_t));
} }
iv_l = iv;
ivSz_l = ivSz;
}
else {
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
} }
if (ret == 0) { if (ret == 0) {
@ -350,7 +351,7 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
} }
#if defined(WOLFSSL_RENESAS_SCEPROTECT) #if defined(WOLFSSL_RENESAS_SCEPROTECT)
if (ret == 0 && if (ret == 0 &&
info->flags1.bits.session_key_set == 1) { info->keyflgs_tls.bits.session_key_set == 1) {
/* generate AES-GCM session key. The key stored in /* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here. * Aes.ctx.tsip_keyIdx is not used here.
*/ */
@ -370,30 +371,31 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
ret = -1; ret = -1;
} }
} }
else else {
#else #else
if (ret == 0) if (ret == 0) {
#endif #endif
if (info->flags2.bits.aes256_installedkey_set == 1 || if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
info->flags2.bits.aes128_installedkey_set == 1) { info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
if (aes->ctx.keySize == 32) { if (aes->ctx.keySize == 32) {
XMEMCPY(&key_server_aes, XMEMCPY(&key_server_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256, (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t)); sizeof(sce_aes_wrapped_key_t));
}
else {
XMEMCPY(&key_server_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
}
iv_l = iv;
ivSz_l = ivSz;
} }
else { else {
XMEMCPY(&key_server_aes, WOLFSSL_MSG("AES key for SCE is not set.");
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128, ret = -1;
sizeof(sce_aes_wrapped_key_t));
} }
iv_l = iv;
ivSz_l = ivSz;
} }
else {
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
if (ret == 0) { if (ret == 0) {
/* since key_index has iv and ivSz in it, no need to pass them init /* since key_index has iv and ivSz in it, no need to pass them init
* func. Pass NULL and 0 as 3rd and 4th parameter respectively. * func. Pass NULL and 0 as 3rd and 4th parameter respectively.

View File

@ -36,12 +36,13 @@
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h> #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
/* Make Rsa key for SCE and set it to callback ctx /* Make Rsa key for SCE and set it to callback ctx
* Assumes to be called by Crypt Callback
* *
* size desired keylenth, in bits. supports 1024 or 2048 bits * size desired keylenth, in bits. supports 1024 or 2048 bits
* ctx Callback context including pointer to hold generated key * ctx Callback context including pointer to hold generated key
* return FSP_SUCCESS(0) on Success, otherwise negative value * return FSP_SUCCESS(0) on Success, otherwise negative value
*/ */
WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx) WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
{ {
fsp_err_t ret; fsp_err_t ret;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx; User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
@ -118,8 +119,8 @@ WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
sizeof(sce_rsa1024_public_wrapped_key_t)); sizeof(sce_rsa1024_public_wrapped_key_t));
XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER); XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
info->flags2.bits.rsapri1024_installedkey_set = 1; info->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
info->flags2.bits.rsapub1024_installedkey_set = 1; info->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
} }
else if (size == 2048) { else if (size == 2048) {
if (info->sce_wrapped_key_rsapri2048 != NULL) { if (info->sce_wrapped_key_rsapri2048 != NULL) {
@ -160,8 +161,8 @@ WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
sizeof(sce_rsa2048_public_wrapped_key_t)); sizeof(sce_rsa2048_public_wrapped_key_t));
XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER); XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
info->flags2.bits.rsapri2048_installedkey_set = 1; info->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
info->flags2.bits.rsapub2048_installedkey_set = 1; info->keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
} }
} }
@ -175,6 +176,7 @@ WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
} }
/* Perform rsa encryption/decryption by SCE /* Perform rsa encryption/decryption by SCE
* Assumes to be called by Crypt Callback
* *
* in Buffer to hold plain text * in Buffer to hold plain text
* inLen Length of plain text in bytes * inLen Length of plain text in bytes
@ -185,7 +187,7 @@ WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
* ctx Callback context * ctx Callback context
* return FSP_SUCCESS(0) on Success, otherwise negative value * return FSP_SUCCESS(0) on Success, otherwise negative value
*/ */
WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out, WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
word32 outLen, int type, struct RsaKey* key, word32 outLen, int type, struct RsaKey* key,
struct WC_RNG* rng, void* ctx) struct WC_RNG* rng, void* ctx)
{ {
@ -207,13 +209,14 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
} }
keySize = 0; keySize = 0;
if (info->flags2.bits.rsapri2048_installedkey_set == 1 || if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
info->flags2.bits.rsapub2048_installedkey_set == 1 ) info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
keySize = 2048; keySize = 2048;
else else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
keySize = 1024; keySize = 1024;
if (keySize != 2048 && keySize != 1024) { if (keySize == 0) {
WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, " WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
"1024 or 2048 bits."); "1024 or 2048 bits.");
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -228,7 +231,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
cipher.data_length = outLen; cipher.data_length = outLen;
if (keySize == 1024) { if (keySize == 1024) {
if(info->flags2.bits.rsapub1024_installedkey_set == 1) if(info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS1024_Encrypt(&plain, &cipher, ret = R_SCE_RSAES_PKCS1024_Encrypt(&plain, &cipher,
(sce_rsa1024_public_wrapped_key_t*) (sce_rsa1024_public_wrapped_key_t*)
info->sce_wrapped_key_rsapub1024); info->sce_wrapped_key_rsapub1024);
@ -238,7 +241,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
} }
} }
else { else {
if(info->flags2.bits.rsapub2048_installedkey_set == 1) if(info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher, ret = R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher,
(sce_rsa2048_public_wrapped_key_t*) (sce_rsa2048_public_wrapped_key_t*)
info->sce_wrapped_key_rsapub2048); info->sce_wrapped_key_rsapub2048);
@ -255,7 +258,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
cipher.data_length = inLen; cipher.data_length = inLen;
if (keySize == 1024) { if (keySize == 1024) {
if(info->flags2.bits.rsapri1024_installedkey_set == 1) if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS1024_Decrypt(&cipher, &plain, ret = R_SCE_RSAES_PKCS1024_Decrypt(&cipher, &plain,
(sce_rsa1024_private_wrapped_key_t*) (sce_rsa1024_private_wrapped_key_t*)
info->sce_wrapped_key_rsapri1024); info->sce_wrapped_key_rsapri1024);
@ -265,7 +268,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
} }
} }
else { else {
if(info->flags2.bits.rsapri2048_installedkey_set == 1) if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain, ret = R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain,
(sce_rsa2048_private_wrapped_key_t*) (sce_rsa2048_private_wrapped_key_t*)
info->sce_wrapped_key_rsapri2048); info->sce_wrapped_key_rsapri2048);
@ -282,7 +285,8 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
} }
/* Perform Rsa sign by SCE /* Perform Rsa sign by SCE
* * Assumes to be called by Crypt Callback
*
* in Buffer to hold plaintext * in Buffer to hold plaintext
* inLen Length of plaintext in bytes * inLen Length of plaintext in bytes
* out Buffer to hold generated signature * out Buffer to hold generated signature
@ -292,7 +296,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
* return FSP_SUCCESS(0) on Success, otherwise negative value * return FSP_SUCCESS(0) on Success, otherwise negative value
*/ */
WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out, WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
word32* outLen, struct RsaKey* key, void* ctx) word32* outLen, struct RsaKey* key, void* ctx)
{ {
int ret; int ret;
@ -311,13 +315,14 @@ WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
} }
keySize = 0; keySize = 0;
if (info->flags2.bits.rsapri2048_installedkey_set == 1 || if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
info->flags2.bits.rsapub2048_installedkey_set == 1 ) info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
keySize = 2048; keySize = 2048;
else else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
keySize = 1024; keySize = 1024;
if (keySize != 2048 && keySize != 1024) { if (keySize == 0) {
WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits."); WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
@ -325,7 +330,7 @@ WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
message_hash.pdata = in; message_hash.pdata = in;
message_hash.data_length = inLen; message_hash.data_length = inLen;
message_hash.data_type = message_hash.data_type =
info->flags2.bits.message_type;/* message 0, hash 1 */ info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
signature.pdata = out; signature.pdata = out;
signature.data_length = outLen; signature.data_length = outLen;
@ -354,7 +359,8 @@ WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
} }
/* Perform Rsa verify by SCE /* Perform Rsa verify by SCE
* * Assumes to be called by Crypt Callback
*
* in Buffer to hold plaintext * in Buffer to hold plaintext
* inLen Length of plaintext in bytes * inLen Length of plaintext in bytes
* out Buffer to hold generated signature * out Buffer to hold generated signature
@ -364,7 +370,7 @@ WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
* return FSP_SUCCESS(0) on Success, otherwise negative value * return FSP_SUCCESS(0) on Success, otherwise negative value
*/ */
WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out, WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
word32* outLen,struct RsaKey* key, void* ctx) word32* outLen,struct RsaKey* key, void* ctx)
{ {
int ret; int ret;
@ -383,13 +389,14 @@ WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
} }
keySize = 0; keySize = 0;
if (info->flags2.bits.rsapri2048_installedkey_set == 1 || if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
info->flags2.bits.rsapub2048_installedkey_set == 1 ) info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
keySize = 2048; keySize = 2048;
else else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
keySize = 1024; keySize = 1024;
if (keySize != 2048 && keySize != 1024) { if (keySize == 0) {
WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits."); WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
@ -398,7 +405,7 @@ WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
message_hash.pdata = in; message_hash.pdata = in;
message_hash.data_length = inLen; message_hash.data_length = inLen;
message_hash.data_type = message_hash.data_type =
info->flags2.bits.message_type;/* message 0, hash 1 */ info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
signature.pdata = out; signature.pdata = out;
signature.data_length = outLen; signature.data_length = outLen;

View File

@ -223,11 +223,11 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
if (ret != FSP_SUCCESS) { if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify"); WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
cbInfo->flags1.bits.pk_key_set = 0; cbInfo->keyflgs_tls.bits.pk_key_set = 0;
} }
else { else {
ret = WOLFSSL_SUCCESS; ret = WOLFSSL_SUCCESS;
cbInfo->flags1.bits.pk_key_set = 1; cbInfo->keyflgs_tls.bits.pk_key_set = 1;
} }
} }
else { else {
@ -361,7 +361,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n", WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n",
side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id); side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id);
if (cbInfo->flags1.bits.pk_key_set == 1) { if (cbInfo->keyflgs_tls.bits.pk_key_set == 1) {
if ((ret = wc_sce_hw_lock()) == 0) { if ((ret = wc_sce_hw_lock()) == 0) {
/* Generate ECC PUblic key pair */ /* Generate ECC PUblic key pair */
ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate( ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate(
@ -784,7 +784,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
dec->aes->devId = devId; dec->aes->devId = devId;
/* marked as session key is set */ /* marked as session key is set */
cbInfo->flags1.bits.session_key_set = 1; cbInfo->keyflgs_tls.bits.session_key_set = 1;
} }
/* unlock hw */ /* unlock hw */
wc_sce_hw_unlock(); wc_sce_hw_unlock();
@ -1138,8 +1138,8 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
return -1; return -1;
} }
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx; gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->flags1.bits.pk_key_set = 0; gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->flags1.bits.session_key_set = 0; gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.session_key_set = 0;
wolfSSL_SetEccVerifyCtx(ssl, user_ctx); wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
wolfSSL_SetRsaEncCtx(ssl, user_ctx); wolfSSL_SetRsaEncCtx(ssl, user_ctx);

View File

@ -3377,7 +3377,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
/* SCE needs warpped key which is passed via /* SCE needs warpped key which is passed via
* user ctx object of crypt-call back. * user ctx object of crypt-call back.
*/ */
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) { if (key->devId != INVALID_DEVID) {
/* SCE supports 1024 and 2048 bits */ /* SCE supports 1024 and 2048 bits */
ret = wc_CryptoCb_Rsa(in, inLen, out, ret = wc_CryptoCb_Rsa(in, inLen, out,
@ -3387,8 +3387,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
/* fall-through when unavailable */ /* fall-through when unavailable */
ret = 0; /* reset error code and try using software */ ret = 0; /* reset error code and try using software */
} }
#endif #endif
#endif /* WOLFSSL_SE050 */ #endif /* WOLFSSL_SE050 */
key->state = RSA_STATE_ENCRYPT_PAD; key->state = RSA_STATE_ENCRYPT_PAD;
@ -3535,14 +3534,14 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
} }
#elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) { if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Rsa(in, inLen, out, ret = wc_CryptoCb_Rsa(in, inLen, out,
outLen, rsa_type, key, rng); outLen, rsa_type, key, rng);
if (ret != CRYPTOCB_UNAVAILABLE) if (ret != CRYPTOCB_UNAVAILABLE)
return ret; return ret;
/* fall-through when unavailable */ /* fall-through when unavailable */
ret = 0; /* reset error code and try using software */ ret = 0; /* reset error code and try using software */
} }
#endif #endif
#endif /* WOLFSSL_CRYPTOCELL */ #endif /* WOLFSSL_CRYPTOCELL */

View File

@ -61,7 +61,8 @@
#if defined(WOLFSSL_RENESAS_TSIP) #if defined(WOLFSSL_RENESAS_TSIP)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h> #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif #endif
#if defined(WOLFSSL_RENESAS_SCE) #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h> #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
#endif #endif
#if defined(WOLFSSL_RENESAS_RX64_HASH) #if defined(WOLFSSL_RENESAS_RX64_HASH)

View File

@ -36,14 +36,14 @@ extern "C" {
typedef void* renesas_sce_wrappedkey; typedef void* renesas_sce_wrappedkey;
/* related to TLS */ /* flsgas related to TLS */
struct sce_flags1 { struct sce_keyflgs_tls {
uint8_t pk_key_set:1; uint8_t pk_key_set:1;
uint8_t session_key_set:1; uint8_t session_key_set:1;
}; };
/* Crypt Only */ /* flags Crypt Only */
struct sce_flags2 { struct sce_keyflgs_cryt {
uint8_t aes256_installedkey_set:1; uint8_t aes256_installedkey_set:1;
uint8_t aes128_installedkey_set:1; uint8_t aes128_installedkey_set:1;
uint8_t rsapri2048_installedkey_set:1; uint8_t rsapri2048_installedkey_set:1;
@ -88,13 +88,14 @@ typedef struct tagUser_SCEPKCbInfo {
/* flag whether encrypted ec key is set */ /* flag whether encrypted ec key is set */
union { union {
uint8_t chr; uint8_t chr;
struct sce_flags1 bits; struct sce_keyflgs_tls bits;
} flags1; } keyflgs_tls;
/* key status flags */
/* flags shows status if wrapped keys are installed */
union { union {
uint8_t chr; uint8_t chr;
struct sce_flags2 bits; struct sce_keyflgs_cryt bits;
} flags2 } keyflgs_crypt;
} User_SCEPKCbInfo; } User_SCEPKCbInfo;